IF the prefix is a match, which is relatively unusual then the browser requests the full list for that prefix. But also, no, Google just sends back a list of full hashes and not URLs.

> that is what can be brute forced with relative ease

OK. 1f6866 is a hash prefix, quick "brute force" it with this supposed relative ease, what am I looking at?

How about 0aebaf? Ah, trick question, that's just noise stirred in automatically by Firefox (yes their implementation silently does this, typically the noise drowns out signal by a ratio of 4:1 but it's configurable).

Or wait, maybe the first one was noise and this isn't. Google neither knows nor cares.

Still, you'll just use "relative ease" to brute force every 24-bit number and then er, more brute force to figure out which ones are bogus. You can do the same with my phone number. One of the digits is a "five" - quick, brute force the whole number and tell me what it is to show how great "brute force" is at hand-waving impossible problems!

> if you already have a stream of previous they are visiting

I know this trick. Hey, pick a number, then add two to that number, then take away the number you first thought of. The number you're now thinking of is two - tada!

Yes, if I know where you are then I can "magically" tell where you are using seemingly unrelated information, by simply discarding it and already knowing where you are.

But this "technique" works perfectly well without Safe Browsing and so it has no bearing on whether Safe Browsing is in fact safe.

> Anonymization is a very tricky subject

Brain surgery is also a tricky subject. But Google's Safe Browsing project doesn't do Brain surgery either.